BIND 9.2.1 acting as DNS for Win2k Active Directory
Donnie Cranford
mozilla at attbi.com
Mon Dec 9 02:35:53 UTC 2002
Added Whitespace between the IN and things starting taking off!!
Thanks for your help!
Any idea on the release of BIND 9.2.2 ??
Mark_Andrews at isc.org wrote:
>>Ok, I have made the changes you said,
>>
>>Here are the config files now
>>
>>-----------------------------------------------------------------------------
>>----------------------
>>[root at Alderaan named]# cat /etc/named.conf
>>// BIND configuration file
>>
>>
>>options {
>>forwarders { 24.31.3.8; };
>> directory "/var/named";
>>};
>>
>>
>>//#####################################################
>>// Information for empire.intranet
>>//#####################################################
>>zone "empire.intranet" in {
>> type master;
>> file "empire.intranet.zone";
>> allow-update { any; };
>>};
>>
>>zone "_msdcs.empire.intranet" {
>> type master;
>> file "_msdcs.empire.intranet.zone";
>> allow-update { any; };
>>};
>>
>>zone "_sites.empire.intranet" {
>> type master;
>> file "_sites.empire.intranet.zone";
>> allow-update { any; };
>>};
>>
>>zone "_tcp.empire.intranet" {
>> type master;
>> file "_tcp.empire.intranet.zone";
>> allow-update { any; };
>>};
>>
>>zone "_udp.empire.intranet" {
>> type master;
>> file "_tcp.empire.intranet.zone";
>> allow-update { any; };
>>};
>>
>>
>>// ##############################
>>// ### Localhost setup
>>// ##############################
>>
>>zone "0.0.127.in-addr.arpa" in {
>> type master;
>> file "db.127.0.0";
>> allow-update { any; };
>>};
>>
>>zone "1.168.192.in-addr.arpa" in {
>> type master;
>> file "1.168.192.in-addr.arpa.zone";
>> allow-update { any; };
>>};
>>
>>// ##############################
>>// ### Cache file setup
>>// ##############################
>>
>>zone "." in {
>> type hint;
>> file "named.ca";
>>};
>>-----------------------------------------------------------------------------
>>----------------------
>>[root at Alderaan named]# cat empire.intranet.zone
>>$ORIGIN empire.intranet.
>>$TTL 86400 ; 1 day
>>@ IN SOA Alderaan.empire.intranet.
>>postmaster.empire.intranet.empire.intranet. (
>> 103 ; serial
>> 10800 ; refresh (3 hours)
>> 3600 ; retry (1 hour)
>> 604800 ; expire (1 week)
>> 86400 ; minimum (1 day)
>> )
>>Alderaan.empire.intranet. IN A 192.168.1.102
>>empire.intranet. IN NS Alderaan.empire.intranet.
>>_msdcs.empire.intranet. IN NS Alderaan.empire.intranet.
>>_sites.empire.intranet. IN NS Alderaan.empire.intranet.
>>_tcp.empire.intranet. IN NS Alderaan.empire.intranet.
>>_udp.empire.intranet. IN NS Alderaan.empire.intranet.
>>-----------------------------------------------------------------------------
>>-----------------------
>>[root at Alderaan named]# cat _msdcs.empire.intranet.zone
>>$ORIGIN _msdcs.empire.intranet.
>>$TTL 86400 ; 1 day
>>@ IN SOA Alderaan.empire.intranet.
>>postmaster.empire.intranet.empire.intranet. (
>> 103 ; serial
>> 10800 ; refresh (3 hours)
>> 3600 ; retry (1 hour)
>> 604800 ; expire (1 week)
>> 86400 ; minimum (1 day)
>> )
>>IN NS Alderaan.empire.intranet.
>>-----------------------------------------------------------------------------
>>----------------------
>>
>>I rerun the dcpromo and im still getting the same problem
>>
>>The SOA query for _ldap._tcp.dc._msdcs.empire.intranet to find the
>>primary DNS server returned:
>> DNS server failure.
>>(error code 0x0000232A "RCODE_SERVER_FAILURE")
>>
>>
>
> What errors are being reported by the nameserver when you
> load the zones?
>
> Note there should be white space before the "IN" above or the
> server will read the line as delegating a zone called
> "IN._msdcs.empire.intranet". White space at the begining of
> a record say "inherit the name from the previous record".
>
> Mark
>
>
>>Mark_Andrews at isc.org wrote:
>>
>>
>>
>>>>--------------------------------------------------------------------------
>>>>[root at Alderaan named]# cat empire.intranet.zone
>>>>$ORIGIN .
>>>>$TTL 86400 ; 1 day
>>>>@ IN SOA Alderaan.empire.intranet.
>>>>postmaster.empire.intranet.empire.intranet. (
>>>> 101 ; serial
>>>> 10800 ; refresh (3 hours)
>>>> 3600 ; retry (1 hour)
>>>> 604800 ; expire (1 week)
>>>> 86400 ; minimum (1 day)
>>>> )
>>>>Alderaan.empire.intranet. IN A 192.168.1.102
>>>>_msdcs.empire.intranet. IN NS Alderaan.empire.intranet.
>>>>_sites.empire.intranet. IN NS Alderaan.empire.intranet.
>>>>_tcp.empire.intranet. IN NS Alderaan.empire.intranet.
>>>>_udp.empire.intranet. IN NS Alderaan.empire.intranet.
>>>>
>>>>---------------------------------------------------------------------------
>>>>
>>>>
>>>>
>>>>
>>> Well it helps if the $ORIGIN was "empire.intranet" rather than
>>> ".". That way @ would expand to "empire.intranet" rather than
>>> ".".
>>>
>>> Also you need NS records for the zone.
>>>
>>> The nameserver would have logged messages like:
>>>
>>>empire.intranet.zone:3: ignoring out-of-zone data (.)
>>>zone empire.intranet/IN: could not find NS and/or SOA records
>>>zone empire.intranet/IN: has 0 SOA records
>>>zone empire.intranet/IN: has no NS records
>>>
>>>
>>>
>>>
>>>
>>>>ALL OF MY "_"subzones have this same config, I will show _msdcs for
>>>>debugging
>>>>
>>>>[root at Alderaan named]# cat _msdcs.empire.intranet.zone
>>>>$ORIGIN .
>>>>$TTL 86400 ; 1 day
>>>>@ IN SOA Alderaan.empire.intranet.
>>>>postmaster.empire.intranet.empire.intranet. (
>>>> 100 ; serial
>>>> 10800 ; refresh (3 hours)
>>>> 3600 ; retry (1 hour)
>>>> 604800 ; expire (1 week)
>>>> 86400 ; minimum (1 day)
>>>> )
>>>>IN NS Alderaan.empire.intranet.
>>>>
>>>>
>>>>
>>>>
>>> Similar $ORIGIN problem here.
>>>
>>>
>>>
>>>
>>>
>>>>If we can find out what is going on here, I plan on writing up a nice
>>>>HOWTO and including it in the Windows .Net 2003 Beta groups im on.
>>>>
>>>>As well as providing it to the general public
>>>>
>>>>
>>>>Thanks
>>>>
>>>>Donnie Cranford
>>>>
>>>>
>>>>
>>>>
>>>--
>>>Mark Andrews, Internet Software Consortium
>>>1 Seymour St., Dundas Valley, NSW 2117, Australia
>>>PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>--
>Mark Andrews, Internet Software Consortium
>1 Seymour St., Dundas Valley, NSW 2117, Australia
>PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
>
>
>
>
More information about the bind-users
mailing list